Vulnerabilities
- Leaky Vessels: Docker and runc Container Breakout Vulnerabilities – January 2024 | Snyk
- VU#132380 – Vulnerabilities in EDK2 NetworkPkg IP stack implementation.
- PixieFail: Nine vulnerabilities in Tianocore’s EDK II IPv6 network stack.
- 2023-12 Security Bulletin: JSA Series: Multiple vulnerabilities resolved
- Active exploitation of Cisco IOS XE Software Web Management User Interface vulnerabilities
- Active exploitation of Cisco IOS XE Software Web Management User Interface vulnerabilities
- Mali GPU Driver Vulnerabilities
- Microsoft’s Response to Open-Source Vulnerabilities – CVE-2023-4863 and CVE-2023-5217 | MSRC Blog | Microsoft Security Response Center
- 2023-08 Out-of-Cycle Security Bulletin: Junos OS: SRX Series and EX Series: Multiple vulnerabilities in J-Web can be combined to allow a preAuth Remote Code Execution
- 2023-08 Out-of-Cycle Security Bulletin: Junos OS: SRX Series and EX Series: Multiple vulnerabilities in J-Web can be combined to allow a preAuth Remote Code Execution
- 2022 Top Routinely Exploited Vulnerabilities | CISA
- Security Vulnerabilities fixed in Firefox 115.0.2 and Firefox ESR 115.0.2 — Mozilla
- Security Vulnerabilities fixed in Firefox 115.0.2 and Firefox ESR 115.0.2 — Mozilla
- Progress Software Releases Service Pack for MOVEit Transfer Vulnerabilities | CISA
- What to Expect When Reporting Vulnerabilities to Microsoft | MSRC Blog | Microsoft Security Response Center
- Microsoft mitigates set of cross-site scripting (XSS) vulnerabilities in Azure Bastion and Azure Container Registry | MSRC Blog | Microsoft Security Response Center
- Microsoft resolves four SSRF vulnerabilities in Azure cloud services – Microsoft Security Response Center
- AMD Server Vulnerabilities – January 2023 | AMD
- AMD Client Vulnerabilities – January 2023 | AMD
- Security Vulnerabilities fixed in Thunderbird 102.6.1 — Mozilla
- SafeBreach Labs Discovers New Zero-Day Vulnerabilities | New Research
- Cloudflare is not affected by the OpenSSL vulnerabilities CVE-2022-3602 and CVE-2022-3786
- Drupal core – Critical – Multiple vulnerabilities – SA-CORE-2022-016 | Drupal.org
- oss-security – ISC has disclosed six vulnerabilities in BIND (CVE-2022-2795, CVE-2022-2881, CVE-2022-2906, CVE-2022-3080, CVE-2022-38177, CVE-2022-38178)
- WordPress Vulnerabilities & Patch Roundup — August 2022 | Sucuri Blog
- Microsoft Mitigates Azure Site Recovery Vulnerabilities – Microsoft Security Response Center
- Are there any known security vulnerabilities? – RealVNC Help Center
- Cloudflare’s approach to handling BMC vulnerabilities
- CISA, FBI, NSA, and International Partners Warn Organizations of Top Routinely Exploited Cybersecurity Vulnerabilities | CISA
- 2021 Top Routinely Exploited Vulnerabilities | CISA
- 2021 Top Routinely Exploited Vulnerabilities | CISA
- Lenovo Notebook BIOS Vulnerabilities – Lenovo Support RO
- CISA Adds Eight Known Exploited Vulnerabilities to Catalog | CISA
- CVE-2022-1096: How Cloudflare Zero Trust provides protection from zero day browser vulnerabilities
- Infusion Pump Vulnerabilities: Common Security Gaps
- Security Vulnerabilities fixed in Firefox 97.0.2, Firefox ESR 91.6.1, Firefox for Android 97.3.0, and Focus 97.3.0 — Mozilla
- Security Bulletin – McAfee Agent update fixes two vulnerabilities (CVE-2021-31854, CVE-2022-0166)
- Cisco Talos Intelligence Group – Comprehensive Threat Intelligence: Vulnerability Spotlight: Vulnerabilities in metal detector peripheral could allow attackers to manipulate security devices
- Log4j – Apache Log4j Security Vulnerabilities
- Multiple Vulnerabilities in Apache HTTP Server Affecting Cisco Products: November 2021
- Fixing Recent Validation Vulnerabilities in OctoRPKI
- CISA Releases Directive on Reducing the Significant Risk of Known Exploited Vulnerabilities | CISA
- Visa and Apple Pay vulnerabilities leaves iPhone users open to payment fraud
- Additional Guidance Regarding OMI Vulnerabilities within Azure VM Management Extensions – Microsoft Security Response Center
- TransLogic Firmware Vulnerabilities – Swisslog Healthcare
- DSA-2021-106: Dell Client Platform Security Update for Multiple Vulnerabilities in the BIOSConnect and HTTPS Boot features as part of the Dell Client BIOS | Dell 日本
- Eclypsium Discovers Multiple Vulnerabilities in Dell BIOSConnect
- Security Vulnerabilities fixed in Thunderbird 78.10.2 — Mozilla
- Multiple Vulnerabilities in Frame Aggregation and Fragmentation Implementations of 802.11 Specification Affecting Cisco Products: May 2021
- 2021-05 Out-of-Cycle Security Bulletin: Multiple Products: Multiple vulnerabilities related to aggregation and fragmentation attacks against Wi-Fi (FragAttacks) – Juniper Networks
- Security Advisory for Fragment and Forge vulnerabilities on some WiFi capable devices, PSV-2021-0014 & PSV-2021-0080 | Answer | NETGEAR Support
- “BadAlloc” – Memory allocation vulnerabilities could affect wide range of IoT and OT devices in industrial, medical, and enterprise networks – Microsoft Security Response Center
- Security Notice: SonicWall Email Security Zero-Day Vulnerabilities | SonicWall
- Security Vulnerabilities fixed in Thunderbird 78.9.1 — Mozilla
- The State of Vulnerabilities in 2020 | Resource Library
- Guidance for responders: Investigating and remediating on-premises Exchange Server vulnerabilities – Microsoft Security Response Center
- Technical Advisory – Multiple Vulnerabilities in Netgear ProSAFE Plus JGS516PE / GS116Ev2 Switches – NCC Group Research
- Article: K02566623 – Overview of F5 critical vulnerabilities (March 2021)
- Protecting against recently disclosed Microsoft Exchange Server vulnerabilities: CVE-2021-26855, CVE-2021-26857, CVE-2021-26858, and CVE-2021-27065
- Microsoft Exchange Server Vulnerabilities Mitigations – March 2021 – Microsoft Security Response Center
- Know, Prevent, Fix: A framework for shifting the discussion around vulnerabilities in open source | Google Open Source Blog
- Google、オープンソースソフトウェアの脆弱性をバージョンごとにデータベース化する「OSV」(Open Source Vulnerabilities)プロジェクトを開始 - Publickey
- Security Vulnerabilities fixed in Firefox 85.0.1 and Firefox ESR 78.7.1 — Mozilla
- Security Vulnerabilities fixed in Firefox 84.0.2, Firefox for Android 84.1.3, and Firefox ESR 78.6.1 — Mozilla
- Security Vulnerabilities fixed in Thunderbird 78.5.1 — Mozilla
- USN-4616-1: AccountsService vulnerabilities | Ubuntu security notices | Ubuntu
- Security Vulnerabilities fixed in Firefox 82.0.3, Firefox ESR 78.4.1, and Thunderbird 78.4.2 — Mozilla
- 2070 – Github: Widespread injection vulnerabilities in Actions – project-zero
- [Vuln Disclosure] Mobile Browser Bar Spoofing Vulnerabilities
- VU#114757 – Acronis backup software contains multiple privilege escalation vulnerabilities
- Multiple Vulnerabilities in Helpdesk – Security Advisory | QNAP
- VU#896979 – IPTV encoder devices contain multiple vulnerabilities
- Security Vulnerabilities fixed in Thunderbird 78 — Mozilla
- Tsunami: An extensible network scanning engine for detecting high severity vulnerabilities with high confidence | Google Open Source Blog
- google/tsunami-security-scanner: Tsunami is a general purpose network security scanner with an extensible plugin system for detecting high severity vulnerabilities with high confidence.
- oss-sec: Multiple vulnerabilities in Dovecot IMAP server
- Security Vulnerabilities fixed in Firefox 74.0.1 and Firefox ESR 68.6.1 — Mozilla
- VU#354840 – Microsoft Windows Type 1 font parsing remote code execution vulnerabilities
- Identifying vulnerabilities and protecting you from phishing
- Security Vulnerabilities fixed in Firefox 72.0.1 and Firefox ESR 68.4.1 — Mozilla
- Drupal core – Critical – Multiple vulnerabilities – SA-CORE-2019-012 | Drupal.org
- Drupal core – Moderately critical – Multiple vulnerabilities – SA-CORE-2019-010 | Drupal.org
- oss-sec: Multiple vulnerabilities fixed in Git
- Multiple Vulnerabilities in PHP Could Allow for Arbitrary Code Execution
- Patch new wormable vulnerabilities in Remote Desktop Services (CVE-2019-1181/1182) – Microsoft Security Response Center
- oss-sec: Multiple vulnerabilities in Jenkins plugins
- Vulnerabilities in Multiple VPN Applications | CISA
- Pulse Security Advisory: SA44101 – 2019-04: Out-of-Cycle Advisory: Multiple vulnerabilities resolved in Pulse Connect Secure / Pulse Policy Secure 9.0RX
- VU#905115 – Multiple TCP Selective Acknowledgement (SACK) and Maximum Segment Size (MSS) networking vulnerabilities may cause denial-of-service conditions in Linux and FreeBSD kernels
- Security vulnerabilities fixed in Firefox 67.0.3 and Firefox ESR 60.7.1 — Mozilla
- Cisco Prime Infrastructure and Evolved Programmable Network Manager Remote Code Execution Vulnerabilities
- Multiple Vulnerabilities in the WordPress Ultimate Member Plugin
- oss-sec: Multiple vulnerabilities in Dovecot 2.3
- Drupal core – Moderately critical – Multiple Vulnerabilities – SA-CORE-2019-005 | Drupal.org
- VU#871675 – WPA3 design issues and implementation vulnerabilities in hostapd and wpa_supplicant
- VU#166939 – Broadcom WiFi chipset drivers contain multiple vulnerabilities
- Google Online Security Blog: Disclosing vulnerabilities to protect users across platforms
- Thunderclap: Exploring Vulnerabilities in Operating System IOMMU Protection via DMA from Untrustworthy Peripherals – NDSS Symposium
- Security vulnerabilities fixed in Thunderbird 60.5.1 — Mozilla
- Downgrade Attack on TLS 1.3 and Vulnerabilities in Major TLS Libraries